Standards Group:
YALE-MSS-9: Authentication and Authorization
YALE-MSS-9.5: Deprovision accounts and access when roles & responsibilities change
Low Risk Endpoint
Required
Moderate Risk Endpoint
Required
High Risk Endpoint
Required
Low Risk Server
Required
Moderate Risk Server
Required
High Risk Server
Required
Low Risk Mobile Device
Required
Moderate Risk Mobile Device
Required
High Risk Mobile Device
Required
Low Risk Network Printer
Required
Moderate Risk Network Printer
Required
High Risk Network Printer
Required
Details
Controls
- YALE-MSS-9.5.1: Ensure accounts are deprovisioned or altered to reflect necessary access when an individual's role or responsibilities change or a user is terminated
- YALE-MSS-9.5.2: Shared service account passwords should be renewed on a routine basis or when an individual who knew the credentials no longer needs access to the account
- YALE-MSS-9.5.3: Identify dormant accounts and remove them on a regular basis